X-Recipient:	archive-cygwin AT delorie DOT com
DomainKey-Signature:	a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:message-id:date:from:mime-version:to:subject
	:content-type:content-transfer-encoding; q=dns; s=default; b=MQA
	VxltrgNN7mIvatGuVVnll3A0vNCfRLpEyBf/cIis4ievV5Zsj9wfSwwbPI1tvMOV
	1gV4b8ws4HBoQdg+mCZEIbHOE54Df4oECgEiobSj48VjSdw3fay2hhZmGwa177RY
	LP+ob9i/FHk922N6ogxsGzTfzA0Kq13SjwFHQLEQ=
DKIM-Signature:	v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:message-id:date:from:mime-version:to:subject
	:content-type:content-transfer-encoding; s=default; bh=42G+KTQ3B
	9/HV2yrVV413thMlb8=; b=NQxz2Bl+nJ8Atb9iMoweBOAjBRMjyjeoMwtvYCiss
	M/Dw7VlFKTXOh6vj0gIxo9dtMAssY6inHVFawLW5aqbcZ9w9PD+fjGqCdfIEOzC5
	N243aOTD21dRaEzpp4MOIHrBTTQDOzouTyOceWzL9ntZUX4rlWNccaVY/Hmgghu/
	Jg=
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Authentication-Results:	sourceware.org; auth=none
X-Virus-Found:	No
X-Spam-SWARE-Status:	No, score=-3.6 required=5.0 tests=BAYES_00,FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM,RCVD_IN_DNSWL_LOW,RP_MATCHES_RCVD,SPF_PASS autolearn=ham version=3.3.2
X-HELO:	BLU004-OMC1S9.hotmail.com
X-TMN:	[hrguIsG57A5XaiybIQZMxuABbHlJPsWz]
Message-ID:	<BLU436-SMTP39AE7DD48809E802CE4DAE9E860@phx.gbl>
Date:	Sun, 19 Jul 2015 16:07:15 +0200
From:	Jarek <yaro_29 AT hotmail DOT com>
User-Agent:	Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0
MIME-Version:	1.0
To:	cygwin AT cygwin DOT com
Subject:	Cygwin ssh and Windows authentication

I'm still quite new to Cygwin. I'm using the most recent version to 
install the ssh component on Server 2012R2 member server since it 
happened to become a requirement for certain users. The problem I have 
is to understand how to allow access for domain groups. I read the new 
version doesn't even need the /etc/passwd and /etc/group files any more 
but I couldn't see any explanation as to how to allow users or groups 
permission to ssh to the cygwin sshd server. Running ssh-host-config 
answering yes to all questions except the one for using other user than 
the cyg_server I set up the ssh daemon. Not knowing any other way I 
created the /etc/passwd file with $mkpasswd -l > /etc/passwd which 
dumped all local users into the file. I successfully added a domain user 
with $mkpasswd -u [domain_user] -D [domain] >> /etc/passwd.
This worked just fine creating the /home/[user] folder I think although 
I haven't checked if it didn't get created earlier since I installed 
Cygwin under that user account.  No idea though how to get this working 
without the use of /etc/passwd file. I then created the /etc/group file 
and added my selected domain user group to it. Unfortunately in this 
case members of the group cannot connect via ssh. I don't know if there 
is a way to list all users including group members with access 
permissions. $net user lists only users. I tried $net group but this 
seems to be limited to DCs only which I have no access to. Could someone 
please explain how can this be set up and what tellls Cygwin who can 
connect and who can't?

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -